Knowing when a student (user) has logged in and changed their password


1 comment

  • Mark Costello

    aXcelerate should provide an audit log of all actions by users, including logins and password changes. It is basic functionality that provides additional security, enables troubleshooting of problems and keeps people accountable when accessing the significant amount of personal information contained in the database.

    The 48 hour link expiry would make sense if it was generated by the user but when it is generated by the organisation it would be more appropriate to extend it to a 7 day expiry.

    Comment actions Permalink

Please sign in to leave a comment.